PACKET contents should be read-only. To achieve this, also
- constify two user callbacks
- constify BUF_reverse.
Reviewed-by: Rich Salz <rsalz@openssl.org>
Now that we have the foundation for the "unified" build scheme in
place, we add build.info files. They have been generated from the
Makefiles in the same directories. Things that are platform specific
will appear in later commits.
Reviewed-by: Andy Polyakov <appro@openssl.org>
This includes basic constraints, key usages, issuer EKUs and auxiliary
trust OIDs (given a trust suitably related to the intended purpose).
Added tests and updated documentation.
Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
Not all architectures have a time_t defined the same way. To make
sure we get the same result, we need to cast &checkoffset to (intmax_t *)
and make sure that intmax_t is defined somehow.
To make really sure we don't pass a variable with the wrong size down
to opt_imax(), we use a temporary intmax_t.
Reviewed-by: Rich Salz <rsalz@openssl.org>
The lflags configuration had a weird syntax with a % as separator. If
it was present, whatever came before ended up as PEX_LIBS in Makefile
(usually, this is LDFLAGS), while whatever came after ended up as
EX_LIBS.
This change splits that item into lflags and ex_libs, making their use
more explicit.
Also, PEX_LIBS in all the Makefiles are renamed to LDFLAGS.
Reviewed-by: Rich Salz <rsalz@openssl.org>
This extends the existing async functionality to SSL_shutdown(), i.e.
SSL_shutdown() can now casuse an SSL_ERROR_WANT_ASYNC error to be returned
from SSL_get_error() if async mode has been enabled.
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
Many options for supporting optimizations for legacy crypto on legacy
platforms have been removed. This simplifies the source code and
does not really penalize anyone.
DES_PTR (always on)
DES_RISC1, DES_RISC2 (always off)
DES_INT (always 'unsigned int')
DES_UNROLL (always on)
BF_PTR (always on) BF_PTR2 (removed)
MD2_CHAR, MD2_LONG (always 'unsigned char')
IDEA_SHORT, IDEA_LONG (always 'unsigned int')
RC2_SHORT, RC2_LONG (always 'unsigned int')
RC4_LONG (only int and char (for assembler) are supported)
RC4_CHUNK (always long), RC_CHUNK_LL (removed)
RC4_INDEX (always on)
And also make D_ENCRYPT macro more clear (@appro)
This is done in consultation with Andy.
Reviewed-by: Andy Polyakov <appro@openssl.org>
This was done by the following
find . -name '*.[ch]' | /tmp/pl
where /tmp/pl is the following three-line script:
print unless $. == 1 && m@/\* .*\.[ch] \*/@;
close ARGV if eof; # Close file to reset $.
And then some hand-editing of other files.
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
Now that we're using templates, we should warn people not to edit the
resulting file. We do it through util/dofile.pl, which is enhanced
with an option to tell what file it was called from. We also change
the calls so the template files are on the command line instead of
being redirected through standard input. That way, we can display
something like this (example taken from include/openssl/opensslconf.h):
/* WARNING: do not edit! */
/* Generated by Configure from include/openssl/opensslconf.h.in */
Reviewed-by: Rich Salz <rsalz@openssl.org>
apps/CA.pl and tools/c_rehash are built from template files. So far,
this was done by Configure, which created its own problems as it
forced everyone to reconfigure just because one of the template files
had changed.
Instead, have those files created as part of the normal build in apps/
and in tools/.
Furthermore, this prepares for a future where Configure may produce
entirely other build files than Makefile, and the latter can't be
guaranteed to be the holder of all information for other scripts.
Instead, configdata.pm (described below) becomes the center of
configuration information.
This introduces a few new things:
%config a hash table to hold all kinds of configuration data
that can be used by any other script.
configdata.pm a perl module that Configure writes. It currently
holds the hash tables %config and %target.
util/dofile.pl a script that takes a template on STDIN and outputs
the result after applying configuration data on it.
It's supposed to be called like this:
perl -I$(TOP) -Mconfigdata < template > result
or
perl -I$(TOP) -Mconfigdata templ1 templ2 ... > result
Note: util/dofile.pl requires Text::Template.
As part of this changed, remove a number of variables that are really
just copies of entries in %target, and use %target directly. The
exceptions are $target{cflags} and $target{lflags}, they do get copied
to $cflags and $lflags. The reason for this is that those variable
potentially go through a lot of changes and would rather deserve a
place in %config. That, however, is for another commit.
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
The code is trying to interpolate the value of the BASE_SECTION macro,
but due to excess escaping, it instead prints the string "BASE_SECTION".
Signed-off-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Kurt Roeckx <kurt@openssl.org>
It is sometimes useful (especially in automated tests) to supply
multiple trusted or untrusted certificates via separate files rather
than have to prepare a single file containing them all.
To that end, change verify(1) to accept these options zero or more
times. Also automatically set -no-CAfile and -no-CApath when
-trusted is specified.
Improve verify(1) documentation, which could still use some work.
Reviewed-by: Richard Levitte <levitte@openssl.org>
Rename 'update' to 'generate'. Rather than recurse, just explicitly
call the three generate targets directly.
Reviewed-by: Richard Levitte <levitte@openssl.org>
Some users want to disable SSL 3.0/TLS 1.0/TLS 1.1, and enable just
TLS 1.2. In the future they might want to disable TLS 1.2 and
enable just TLS 1.3, ...
This commit makes it possible to disable any or all of the TLS or
DTLS protocols. It also considerably simplifies the SSL/TLS tests,
by auto-generating the min/max version tests based on the set of
supported protocols (425 explicitly written out tests got replaced
by two loops that generate all 425 tests if all protocols are
enabled, fewer otherwise).
Reviewed-by: Richard Levitte <levitte@openssl.org>
Remove lint, tags, dclean, tests.
This is prep for a new makedepend scheme.
This is temporary pending unified makefile, and might help it.
Reviewed-by: Richard Levitte <levitte@openssl.org>
The entropy-gathering daemon is used only on a small number of machines.
Provide a configure knob so that EGD support can be disabled by default
but re-enabled on those systems that do need it.
Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
It turns out that -pause calls the undocumented function SSL_set_debug.
That just sets flag inside the SSL structure. That flag, despite
the command is never used. So remove the flag, the field, and the
function.
Reviewed-by: Richard Levitte <levitte@openssl.org>
Tell open() O_BINARY on VMS doesn't make sense, as it's possible to
use more precise file attributes. However, if we're still going to
fdopen() it in binary mode, we must set the fd in binary context.
Reviewed-by: Rich Salz <rsalz@openssl.org>
Well, I'm not actually changing time_t, just changing how time_t
valued opt values are converted from string to time_t.
Reviewed-by: Rich Salz <rsalz@openssl.org>
Create Makefile's from Makefile.in
Rename Makefile.org to Makefile.in
Rename Makefiles to Makefile.in
Address review feedback from Viktor and Richard
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
Implement range-checking in all counts in apps. Turns out only a couple
of cases were missing. And make the range-checking code more strict.
Replace almost all opt_ulong() calls with opt_long()
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
Make LHASH_OF use static inline functions.
Add new lh_get_down_load and lh_set_down_load functions and their
typesafe inline equivalents.
Make lh_error a function instead of a macro.
Reviewed-by: Rich Salz <rsalz@openssl.org>
Commit 189ae368d9 (RT ticket 3352) provided the capability to output
session key data in NSS format. The big apps cleanup broke that capability.
This commit restores it.
RT#4201
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
Only two macros CRYPTO_MDEBUG and CRYPTO_MDEBUG_ABORT to control this.
If CRYPTO_MDEBUG is not set, #ifdef out the whole debug machinery.
(Thanks to Jakob Bohm for the suggestion!)
Make the "change wrapper functions" be the only paradigm.
Wrote documentation!
Format the 'set func' functions so their paramlists are legible.
Format some multi-line comments.
Remove ability to get/set the "memory debug" functions at runtme.
Remove MemCheck_* and CRYPTO_malloc_debug_init macros.
Add CRYPTO_mem_debug(int flag) function.
Add test/memleaktest.
Rename CRYPTO_malloc_init to OPENSSL_malloc_init; remove needless calls.
Reviewed-by: Richard Levitte <levitte@openssl.org>
DTLS cookie generation and verification were exact copies of each
other save the last few lines. This refactors them to avoid code
copying.
Reviewed-by: Matt Caswell <matt@openssl.org>
Rename BUF_{strdup,strlcat,strlcpy,memdup,strndup,strnlen}
to OPENSSL_{strdup,strlcat,strlcpy,memdup,strndup,strnlen}
Add #define's for the old names.
Add CRYPTO_{memdup,strndup}, called by OPENSSL_{memdup,strndup} macros.
Reviewed-by: Tim Hudson <tjh@openssl.org>
s_server was trying to set the ECDH curve when no-ec was defined. This also
highlighted the fact that the -no_ecdhe option to s_server is broken, and
doesn't make any sense any more (ECDHE is on by default and the only way it
can be disabled is through the cipherstring). Therefore this commit removes
the option.
Reviewed-by: Kurt Roeckx <kurt@openssl.org>
When processing a public key input via "-pubin", "private" was
sometimes erroneously set, or else not set and incorrectly asserted.
Reviewed-by: Rich salz <rsalz@openssl.org>
This change required some special treatment, as HMAC is intertwined
with EVP_MD. For now, all local HMAC_CTX variables MUST be
initialised with HMAC_CTX_EMPTY, or whatever happens to be on the
stack will be mistaken for actual pointers to EVP_MD_CTX. This will
change as soon as HMAC_CTX becomes opaque.
Also, since HMAC_CTX_init() can fail now, its return type changes from
void to int, and it will return 0 on failure, 1 on success.
Reviewed-by: Rich Salz <rsalz@openssl.org>
In theory the pthreads approach for Thread Local Storage should be more
portable.
This also changes some APIs in order to accommodate this change. In
particular ASYNC_init_pool is renamed ASYNC_init_thread and
ASYNC_free_pool is renamed ASYNC_cleanup_thread. Also introduced ASYNC_init
and ASYNC_cleanup.
Reviewed-by: Rich Salz <rsalz@openssl.org>
If an async event occurs during a renegotiation in SSL_read then s_server
was looping around, detecting we were in init and calling
init_ssl_connection instead of re-calling SSL_read.
Reviewed-by: Rich Salz <rsalz@openssl.org>
Initial API implemented for notifying applications that an ASYNC_JOB
has completed. Currently only s_server is using this. The Dummy Async
engine "cheats" in that it notifies that it has completed *before* it
pauses the job. A normal async engine would not do that.
Only the posix version of this has been implemented so far, so it will
probably fail to compile on Windows at the moment.
Reviewed-by: Rich Salz <rsalz@openssl.org>
It is expensive to create the ASYNC_JOB objects due to the "makecontext"
call. This change adds support for pools of ASYNC_JOB objects so that we
don't have to create a new ASYNC_JOB every time we want to use one.
Reviewed-by: Rich Salz <rsalz@openssl.org>
The s_server option -WWW was not async aware, and therefore was not
handling SSL_ERROR_WANT_ASYNC conditions. This commit fixes that.
Reviewed-by: Rich Salz <rsalz@openssl.org>
A new -async option is added which activates SSL_MODE_ASYNC. Also
SSL_WANT_ASYNC errors are handled appropriately.
Reviewed-by: Rich Salz <rsalz@openssl.org>
SSL_state has been replaced by SSL_get_state and SSL_set_state is no longer
supported.
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
s_server was (ab)using SSL_set_state to force a renegotiation. This is a
bad way to do things and does not work with the new state machine code, so
we need to do it a different way.
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
Clean up and remove lots of code that is now no longer needed due to the
move to the new state machine.
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
Check for Host header in query_responder instead of process_responder. This
also fixes a memory leak in the old code if the headers was NULL.
Reviewed-by: Richard Levitte <levitte@openssl.org>
When using command line applications errors occur when trying to
load engines specified in a config file. Introduced by commit
a0a82324f9
RT#4093
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
Previous OpenSSL versions used -set_serial, but master was using
-set-serial - so rename it back to the old version.
RT#4059
Reviewed-by: Richard Levitte <levitte@openssl.org>
Loading the config file after processing command line options can
cause problems, e.g. where an engine provides new ciphers/digests
these are not then recoginised on the command line. Move the
default config file loading to before the command line option
processing. Whilst we're doing this we might as well centralise
this instead of doing it individually for each application. Finally
if we do it before the OpenSSL_add_ssl_algorithms() call then
ciphersuites provided by an engine (e.g. GOST) can be available to
the apps.
RT#4085
RT#4086
Reviewed-by: Richard Levitte <levitte@openssl.org>
There used to be options -macopt and -sigopt in <=1.0.2 for the dgst
command line app. These were incorrectly spelled as -macop and -sigop in
master.
RT#4072
Reviewed-by: Andy Polyakov <appro@openssl.org>
Note that this commit constifies a user callback parameter and therefore
will break compilation for applications using this callback. But unless
they are abusing write access to the buffer, the fix is trivial.
Reviewed-by: Andy Polyakov <appro@openssl.org>
Even though SOCKET is effectively declared as (void *) on Windows, it's
not actually a pointer, but an index within per-process table of
kernel objects. The table size is actually limited and its upper limit
is far below upper limit for signed 32-bit integer. This is what makes
cast in question possible.
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Tim Hudson <tjh@openssl.org>
For those command line options that take the verification options
-CApath and -CAfile, if those options are absent then the default path or
file is used instead. It is not currently possible to specify *no* path or
file at all. This change adds the options -no-CApath and -no-CAfile to
specify that the default locations should not be used to all relevant
applications.
Reviewed-by: Andy Polyakov <appro@openssl.org>
Use sockaddr_storage not sockaddr for the client IP address to allow for
IPv6.
Also fixed a section of code which was conditional on OPENSSL_NO_DTLS1
which should not have been.
Reviewed-by: Andy Polyakov <appro@openssl.org>
DTLSv1_listen is a commonly used function within DTLS solutions for
listening for new incoming connections. This commit adds support to s_server
for using it.
Reviewed-by: Andy Polyakov <appro@openssl.org>
The -srpvfile option was broken in the srp command line app. Using it would
always result in "-dbfile and -configfile cannot be specified together."
The error message is also wrong because the option is "-srpvfile" not
"-dbfile", so that has been fixed too.
Reviewed-by: Emilia Käsper <emilia@openssl.org>
Have a look at the directories in crypto/, I found reason to add
checks on CMAC and HMAC. This might be completely irrelevant, but I
prefered covering too much than not enough.
Reviewed-by: Stephen Henson <steve@openssl.org>
A grep of OPENSSL_NO_ in the rest of the source tree revealed a few
more features to check.
NOTE: there are some of those macros that I ignore because a check of
them doesn't seem useful to external apps. This might change later on.
Reviewed-by: Stephen Henson <steve@openssl.org>
After a grep of OPENSSL_NO_ in apps/*.c, a few more features that may
be interesting to check the availability of came up.
Reviewed-by: Stephen Henson <steve@openssl.org>
New option "openssl list -disabled" this lists a set of disabled features
in a form which can be conveniently parsed by the test framework so it
knows which tests to skip.
Reviewed-by: Richard Levitte <levitte@openssl.org>
If the field separator isn't specified through -nameopt then use
XN_FLAG_SEP_CPLUS_SPC instead of printing nothing and returing an error.
PR#2397
Reviewed-by: Tim Hudson <tjh@openssl.org>
Both now warn once if directory isn't writeable.
Both now warn on file-write errors (multiple times).
Update manpage to describe both program and script correctly.
Reviewed-by: Richard Levitte <levitte@openssl.org>
On Unix/Linux platforms, merge c_rehash script into openssl as a
C program.
Signed-off-by: Rich Salz <rsalz@akamai.com>
Reviewed-by: Tim Hudson <tjh@openssl.org>
To set both the incoming and outgoing data when 'encrypting' or
'decrypting' to FORMAT_BASE64 wasn't quite the right thing to do.
Reviewed-by: Tim Hudson <tjh@openssl.org>
If the output to stdout or the input from stdin is meant to be binary,
it's deeply unsetting to get the occasional LF converted to CRLF or
the other way around. If someone happens to forget to redirect stdin
or stdout, they will get gibberish anyway, line ending conversion will
not change that.
Therefore, let's not have dup_bio_* decide unilaterally what mode the
BIO derived from stdin and stdout, and rather let the app decide by
declaring the intended format.
Reviewed-by: Tim Hudson <tjh@openssl.org>
The different apps had the liberty to decide whether they would open their
input and output files in binary mode or not, which could be confusing if
two different apps were handling the same type of file in different ways.
The solution is to centralise the decision of low level file organisation,
and that the apps would use a selection of formats to state the intent of
the file.
Reviewed-by: Tim Hudson <tjh@openssl.org>
Most of all, we needed to sort out which ones are binary and which
ones are text, and make sure they are treated accordingly and
consistently so
Reviewed-by: Tim Hudson <tjh@openssl.org>
Most of the accessors existed and were already used so it was easy.
TS_VERIFY_CTX didn't have accessors/settors so I added the simple and
obvious ones, and changed the app to use them. Also, within crypto/ts,
replaced the functions with direct access to the structure members
since we generally aren't opaque within a directory.
Also fix RT3901.
Reviewed-by: Tim Hudson <tjh@openssl.org>
In some environments, such as firmware, the current system time is entirely
meaningless. Provide a clean mechanism to suppress the checks against it.
Signed-off-by: Rich Salz <rsalz@akamai.com>
Reviewed-by: Tim Hudson <tjh@openssl.org>
This does 64-bit division and multiplication, and on 32-bit platforms
pulls in libgcc symbols (and MSVC does similar) which may not be
available. Mostly done by David Woodhouse.
Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
clang suggests %llu instead, but it isn't clear that is portable on
all platforms.
C99 and above define a handy macro for us, so we try to use that
definition and fall back to current definition if needed (though we
switch to 'u' for unsigned).
Reviewed-by: Matt Caswell <matt@openssl.org>
Remove asn1-kludge option from the req utility. It was a decade old
workaround for CAs and software which required an invalid encoding
of PKCS#10 certificate requests: omitting the attributes field even
though it is not OPTIONAL.
Reviewed-by: Rich Salz <rsalz@openssl.org>
This was obsolete in 2001. This is not the same as Gost94 digest.
Thanks to Dmitry Belyavsky <beldmit@gmail.com> for review and advice.
Reviewed-by: Matt Caswell <matt@openssl.org>
Add Host Header in OCSP query if no host header is set via -header
Signed-off-by: Rich Salz <rsalz@akamai.com>
Reviewed-by: Ben Laurie <ben@openssl.org>
The -use_srtp s_client/s_server option is supposed to take a colon
separated string as an argument. In master this was incorrectly set to
expect a filename.
Reviewed-by: Rich Salz <rsalz@openssl.org>
Thanks folks:
348 Benjamin Kaduk
317 Christian Brueffer
254 Erik Tews
253 Erik Tews
219 Carl Mehner
155 (ghost)
95 mancha
51 DominikNeubauer
Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
The -show_chain flag to the verify command line app shows information about
the chain that has been built. This commit adds the text "untrusted" against
those certificates that have been used from the untrusted list.
Reviewed-by: Rich Salz <rsalz@openssl.org>
There's no reason why we should default to a output format that is
old, and confusing in some cases.
This affects the commands "ca", "crl", "req" and "x509".
Reviewed-by: Rich Salz <rsalz@openssl.org>
When generating a private key, try to make the output file be readable
only by the owner. Put it in CHANGES file since it might be noticeable.
Add "int private" flag to apps that write private keys, and check that it's
set whenever we do write a private key. Checked via assert so that this
bug (security-related) gets fixed. Thanks to Viktor for help in tracing
the code-paths where private keys are written.
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
This is a workaround so old that nobody remembers what buggy clients
it was for. It's also been broken in stable branches for two years and
nobody noticed (see
https://boringssl-review.googlesource.com/#/c/1694/).
Reviewed-by: Tim Hudson <tjh@openssl.org>
For librypto to be complete, the stuff in both crypto/ and engines/
have to be built. Doing 'make test' or 'make apps' from a clean
source tree failed to do so.
Corrected by using the new 'build_libcrypto' in the top Makefile.
Reviewed-by: Tim Hudson <tjh@openssl.org>
Here are the "rules" for handling flags that depend on #ifdef:
- Do not ifdef the enum. Only ifdef the OPTIONS table. All ifdef'd
entries appear at the end; by convention "engine" is last. This
ensures that at run-time, the flag will never be recognized/allowed.
The next two bullets entries are for silencing compiler warnings:
- In the while/switch parsing statement, use #ifdef for the body to
disable it; leave the "case OPT_xxx:" and "break" statements outside
the ifdef/ifndef. See ciphers.c for example.
- If there are multiple options controlled by a single guard, OPT_FOO,
OPT_BAR, etc., put a an #ifdef around the set, and then do "#else"
and a series of case labels and a break. See OPENSSL_NO_AES in cms.c
for example.
Reviewed-by: Matt Caswell <matt@openssl.org>
The module loading feature got broken a while ago, so restore it, but
have it a bit more explicit this time around.
Reviewed-by: Stephen Henson <steve@openssl.org>
Create app_load_config(), a routine to load config file. Remove the
"always load config" from the main app. Change the places that used to
load config to call the new common routine.
Reviewed-by: Richard Levitte <levitte@openssl.org>
Add support for PKCS#8 private key encryption using the scrypt algorithm
in the pkcs8 utility. Update documentation.
Reviewed-by: Rich Salz <rsalz@openssl.org>
This adds a new function which will encrypt a private key using PKCS#8
based on an X509_ALGOR structure and reimplements PKCS8_encrypt to use it.
Update pkcs8 utlity to use PKCS8_set0_pbe.
Reviewed-by: Rich Salz <rsalz@openssl.org>
The "out" variable is used for both key and csr. Close it after
writing the first one so it can be re-used when writing the other.
Signed-off-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Tim Hudson <tjh@openssl.org>
Given the pervasive nature of TLS extensions it is inadvisable to run
OpenSSL without support for them. It also means that maintaining
the OPENSSL_NO_TLSEXT option within the code is very invasive (and probably
not well tested). Therefore it is being removed.
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
We had updates of certain header files in both Makefile.org and the
Makefile in the directory the header file lived in. This is error
prone and also sometimes generates slightly different results (usually
just a comment that differs) depending on which way the update was
done.
This removes the file update targets from the top level Makefile, adds
an update: target in all Makefiles and has it depend on the depend: or
local_depend: targets, whichever is appropriate, so we don't get a
double run through the whole file tree.
Reviewed-by: Rich Salz <rsalz@openssl.org>
Typedef STRINT_PAIR to be the same as OPT_PAIR, and use that structure and
a bunch of tables instead of switch statements to lookup various values
out of the SSL/TLS message buffers. Shrinks a bunch of code.
Reviewed-by: Richard Levitte <levitte@openssl.org>
Following the version negotiation rewrite all of the previous code that was
dedicated to version negotiation can now be deleted - all six source files
of it!!
Reviewed-by: Kurt Roeckx <kurt@openssl.org>
Continuing from the previous commit this changes the way we do client side
version negotiation. Similarly all of the s23* "up front" state machine code
has been avoided and again things now work much the same way as they already
did for DTLS, i.e. we just do most of the work in the
ssl3_get_server_hello() function.
Reviewed-by: Kurt Roeckx <kurt@openssl.org>
This commit changes the way that we do server side protocol version
negotiation. Previously we had a whole set of code that had an "up front"
state machine dedicated to the negotiating the protocol version. This adds
significant complexity to the state machine. Historically the justification
for doing this was the support of SSLv2 which works quite differently to
SSLv3+. However, we have now removed support for SSLv2 so there is little
reason to maintain this complexity.
The one slight difficulty is that, although we no longer support SSLv2, we
do still support an SSLv3+ ClientHello in an SSLv2 backward compatible
ClientHello format. This is generally only used by legacy clients. This
commit adds support within the SSLv3 code for these legacy format
ClientHellos.
Server side version negotiation now works in much the same was as DTLS,
i.e. we introduce the concept of TLS_ANY_VERSION. If s->version is set to
that then when a ClientHello is received it will work out the most
appropriate version to respond with. Also, SSLv23_method and
SSLv23_server_method have been replaced with TLS_method and
TLS_server_method respectively. The old SSLv23* names still exist as
macros pointing at the new name, although they are deprecated.
Subsequent commits will look at client side version negotiation, as well of
removal of the old s23* code.
Reviewed-by: Kurt Roeckx <kurt@openssl.org>
Follow the same convention the other OPENSSL_NO_xxx header files
do, and use #error instead of making the header file be a no-op.
Reviewed-by: Matt Caswell <matt@openssl.org>
Remove RFC2712 Kerberos support from libssl. This code and the associated
standard is no longer considered fit-for-purpose.
Reviewed-by: Rich Salz <rsalz@openssl.org>
Remove Kerberos related options from the apps to prepare for the
subsequent commits which will remove libcrypto and libssl support for
Kerberos.
Reviewed-by: Rich Salz <rsalz@openssl.org>
For the various string-compare routines (strcmp, strcasecmp, str.*cmp)
use "strcmp()==0" instead of "!strcmp()"
Reviewed-by: Tim Hudson <tjh@openssl.org>
The file name given to -CAserial might not exist yet. The
-CAcreateserial option decides if this is ok or not.
Previous to this change, -CAserial was a type '<' option, and in that
case, the existence of the file given as argument is tested quite
early, and is a failure if it doesn't. With the type 's' option, the
argument is just a string that the application can do whatever it
wants with.
Reviewed-by: Rich Salz <rsalz@openssl.org>
Compiling OpenSSL code with MSVC and /W4 results in a number of warnings.
One category of warnings is particularly interesting - C4701 (potentially
uninitialized local variable 'name' used). This warning pretty much means
that there's a code path which results in uninitialized variables being used
or returned. Depending on compiler, its options, OS, values in registers
and/or stack, the results can be nondeterministic. Cases like this are very
hard to debug so it's rational to fix these issues.
This patch contains a set of trivial fixes for all the C4701 warnings (just
initializing variables to 0 or NULL or appropriate error code) to make sure
that deterministic values will be returned from all the execution paths.
RT#3835
Signed-off-by: Matt Caswell <matt@openssl.org>
Matt's note: All of these appear to be bogus warnings, i.e. there isn't
actually a code path where an unitialised variable could be used - its just
that the compiler hasn't been able to figure that out from the logic. So
this commit is just about silencing spurious warnings.
Reviewed-by: Rich Salz <rsalz@openssl.org>
Just as with the OPENSSL_malloc calls, consistently use sizeof(*ptr)
for memset and memcpy. Remove needless casts for those functions.
For memset, replace alternative forms of zero with 0.
Reviewed-by: Richard Levitte <levitte@openssl.org>
If CA.pl is reading from /dev/null, then "chop $FILE" gives a warning.
Sigh. Have to add "if $FILE". This just silences a build warning.
Thanks to GitHub user andrejs-igumenovs for help with this.
Reviewed-by: Richard Levitte <levitte@openssl.org>
For a local variable:
TYPE *p;
Allocations like this are "risky":
p = OPENSSL_malloc(sizeof(TYPE));
if the type of p changes, and the malloc call isn't updated, you
could get memory corruption. Instead do this:
p = OPENSSL_malloc(sizeof(*p));
Also fixed a few memset() calls that I noticed while doing this.
Reviewed-by: Richard Levitte <levitte@openssl.org>
RT2943 only complains about the incorrect check of -K argument size,
we might as well do the same thing with the -iv argument.
Before this, we only checked that the given argument wouldn't give a
bitstring larger than EVP_MAX_KEY_LENGTH. we can be more precise and
check against the size of the actual cipher used.
Reviewed-by: Rich Salz <rsalz@openssl.org>
Don't do access check on destination directory; it breaks when euid/egid
is different from real uid/gid.
Reviewed-by: Richard Levitte <levitte@openssl.org>
Signed-off-by: Rich Salz <rsalz@akamai.com>
After the finale, the "real" final part. :) Do a recursive grep with
"-B1 -w [a-zA-Z0-9_]*_free" to see if any of the preceeding lines are
an "if NULL" check that can be removed.
Reviewed-by: Tim Hudson <tjh@openssl.org>
